<?php
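// Anti-CSRF token, regenerated on every request and stored in the session so
// that templates can embed it in forms.
// uniqid(md5(rand())) is derived from the clock and a non-cryptographic PRNG,
// so its output is guessable; take the token from the CSPRNG when one exists.
// NOTE(review): the visible part of this script stores the token but never
// compares it with a submitted value; confirm the state-changing actions
// verify it (e.g. with hash_equals) somewhere.
if (function_exists('random_bytes')) {
	$csrf_token = bin2hex(random_bytes(16));
} elseif (function_exists('openssl_random_pseudo_bytes')) {
	$csrf_token = bin2hex(openssl_random_pseudo_bytes(16));
} else {
	// Legacy fallback for runtimes without a CSPRNG API: keeps the page
	// working, but this value must not be relied on as a security token.
	$csrf_token = uniqid ( md5 ( rand () ) );
}
$_SESSION ['csrfToken'] = $csrf_token;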
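// Request dispatcher for the vote module: $_GET['action'] selects one of
// poll / login / logout / result / sendpoll / wish / sendwish / complete /
// mailtoresult, and anything else shows the index (or the poll when logged in).
//
// NOTE(review): the state-changing actions below (sendpoll, sendwish, logout)
// never compare a submitted token against $_SESSION['csrfToken']; confirm the
// check happens elsewhere or add it together with the matching template field.
// NOTE(review): all input is read from $_GET. Unless the surrounding framework
// merges POST data into $_GET, the login identifiers travel in the URL and end
// up in access logs and Referer headers.
$voteAction=isset($_GET['action'])?$_GET['action']:'';
$voteLoggedIn=!empty($_SESSION['logined']);
if($voteAction=='poll'){
	if($voteLoggedIn){
		include_once libfile('function/vote');
		$teacher=DB::fetch_all("SELECT * FROM %t ORDER BY id ASC",array("extra_teacher"));
		$polled=getPolled();

		include template('vote/vote');
	}else{
		header('Location:index.php?mod=vote');
		exit();
	}
}elseif($voteAction=='login'){
	include_once libfile('function/vote');
	$stuid=isset($_GET['stuid'])?$_GET['stuid']:'';
	$stuname=isset($_GET['stuname'])?$_GET['stuname']:'';
	$status=login($stuid, $stuname);
	if($status==1){
		// Issue a fresh session id on privilege change so an id that was set
		// before login cannot be reused afterwards (session fixation).
		if(session_id()!==''){
			session_regenerate_id(true);
		}
		$_SESSION['logined']=1;
		$_SESSION['stuid']=$stuid;
		header('Location:index.php?mod=vote&action=poll');
		exit();
	}else{
		include template('vote/index');
	}
}elseif($voteAction=='logout'){
	unset($_SESSION['logined']);
	unset($_SESSION['stuid']);
	header('Location:index.php?mod=vote');
	exit();
}elseif($voteAction=='result'){
	$teacher=DB::fetch_all("SELECT * FROM %t ORDER BY id ASC",array("extra_teacher"));
	include template('vote/result');
}elseif($voteAction=='sendpoll'){
	if(!$voteLoggedIn){
		exit('Permission Denied');
	}
	include_once libfile('function/vote');
	$polled=getPolled();
	$inserts=array();
	// Normalise the submitted teacher ids: accept a single value or a list,
	// keep positive integers only, and drop repeats so that one submission
	// cannot count the same teacher more than once or slip past the
	// "already voted" comparison with a differently spelled id.
	$rawVotes=isset($_GET['checked'])?$_GET['checked']:array();
	$votes=array();
	foreach((array)$rawVotes as $rawId){
		$id=is_scalar($rawId)?(int)$rawId:0;
		if($id>0){
			$votes[$id]=(string)$id;
		}
	}
	$votes=array_values($votes);
	if(!$votes){
		exit('您还没有选择老师，请返回选择');
	}
	// Permission rule as written: allowed when this student has already voted
	// from the current IP, or has never voted at all.
	// NOTE(review): this does not stop a second student from voting on the same
	// IP, although the error message below says it should; confirm the intent.
	$voteperm=false;
	$lastpost=DB::fetch_first('SELECT stuid FROM %t WHERE `stuid`=%d ORDER BY id DESC LIMIT 1',array('extra_votestat',$_SESSION['stuid']));
	$votedata=DB::fetch_all("SELECT stuid FROM %t WHERE ip=%s GROUP BY stuid",array('extra_votestat',$_G['clientip']));
	foreach($votedata as $val){
		if($val['stuid']==$_SESSION['stuid']){
			$voteperm=true;
			break;
		}
	}
	// empty() instead of count(): a "no row" result that is not an array would
	// make count() raise on current PHP versions.
	if(!$voteperm && empty($lastpost)){
		$voteperm=true;
	}
	if(!$voteperm){
		exit('同一IP我们只允许一位同学进行投票,请使用非公用电脑进行投票');
	}
	// Each student has at most 10 votes in total.
	$polling=count($votes);
	$totalPolled=count($polled)+$polling;
	if(!(count($polled)<10&&$totalPolled<=10)){
		exit('您的投票次数已用完或您选择的人数过多');
	}
	if(!(count($polled)==0||!isPolled($votes,$polled))){
		exit('您已经投过部分老师,请重新选择.');
	}
	// NOTE(review): the quota check above and the writes below are not atomic;
	// concurrent submissions from one account could exceed the limit.
	foreach($votes as $teachid){
		$data=array(
			'stuid'=>$_SESSION['stuid'],
			'teachid'=>$teachid,
			'dateline'=>time(),
			'ip'=>$_G['clientip'],
		);
		$inserts[]=DB::insert("extra_votestat", $data, true);
		DB::query("UPDATE %t SET `vote`=`vote`+1 WHERE id=%d",array('extra_teacher',$teachid));
	}
	header('Location:index.php?mod=vote&action=complete');
	exit();
}elseif($voteAction=='wish'){
	$res=DB::fetch_all("SELECT * FROM %t",array('extra_note'));
	include template('vote/wish');
}elseif($voteAction=='sendwish'){
	// NOTE(review): this branch requires no login and stores author, body and
	// color exactly as submitted. The query is parameterised, so the remaining
	// risk is on output: confirm vote/wish escapes all three fields (color in
	// particular if it is placed inside a style or class attribute).
	$author =$_GET['author'];
	$body = $_GET['body'];
	$color = $_GET['color'];
	$zindex = (int)$_GET['zindex'];
	// xyz holds a random on-page position plus the requested stacking order.
	DB::query('INSERT INTO %t(text,name,color,xyz,ip) VALUES (%s,%s,%s,%s,%s)',array('extra_note',$body,$author,$color,rand(0,728).'x'.rand(0,328).'x'.$zindex,'1'));
	echo DB::insert_id();
	setcookie("wishwell",1);
	$_SESSION['wishwell']=1;
}elseif($voteAction=='complete'){
	$complete=true;
	$teacher=DB::fetch_all("SELECT * FROM %t ORDER BY id ASC",array("extra_teacher"));
	include template('vote/result');
}elseif($voteAction=='mailtoresult'){
	// Turnout per college: number of distinct voters against registered students.
	// NOTE(review): reachable without login; confirm these figures are meant to
	// be public.
	$result=DB::fetch_all("SELECT DISTINCT stuid FROM %t",array('extra_votestat'));
	$stuinfo=DB::fetch_all("SELECT stuid,college FROM %t",array('extra_vote'));
	$stuinfos=array();
	$college=DB::fetch_all("SELECT college,count(*) as total FROM %t GROUP by college",array('extra_vote'));
	$colleges=array();
	foreach($stuinfo as $val){
		$stuinfos[$val['stuid']]=$val['college'];
	}
	foreach($college as $val){
		// md5 of the name is used only as a safe array key.
		$colleges[md5($val['college'])]=array(
			'name'=>$val['college'],
			'count'=>0,
			'total'=>$val['total'],
		);
	}
	foreach($result as $val){
		// A voter without a row in extra_vote has no college; skip it rather
		// than create a bucket with no name and no total (which would divide
		// by zero when the table is rendered).
		if(!isset($stuinfos[$val['stuid']])){
			continue;
		}
		$bucket=md5($stuinfos[$val['stuid']]);
		if(isset($colleges[$bucket])){
			$colleges[$bucket]['count']++;
		}
	}
	$str="<table>";
	foreach($colleges as $val){
		$ratio=$val['total']>0?$val['count']/$val['total']:0;
		// College names come from the database; escape them before they are
		// written into HTML. dhtmlspecialchars is the framework's
		// charset-aware wrapper around htmlspecialchars.
		$str.="<tr><td>".dhtmlspecialchars($val['name'])."</td><td>".$val['count'].'名</td><td>占比:'.$ratio.'</td></tr>';
	}
	$str.='</table>';
	echo $str;
}else{
	if($voteLoggedIn){
		header('Location:index.php?mod=vote&action=poll');
		exit();
	}
	include template('vote/index');
}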

?>